ubuntu/+source/openssh:debian/sid

Last commit made on 2019-07-09
Get this branch:
git clone -b debian/sid https://git.launchpad.net/ubuntu/+source/openssh
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/sid
Repository:
lp:ubuntu/+source/openssh

Recent commits

7dd3c86... by Colin Watson on 2019-07-08

Import patches-unapplied version 1:8.0p1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: de92b0e675df783ad5240379a4a8b7ef577ad39a

New changelog entries:
  * Upload to unstable.

de92b0e... by Colin Watson on 2019-06-14

Import patches-unapplied version 1:8.0p1-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: b8798708f603f6479336174a476ff5fa4f3ddfa0

New changelog entries:
  * Fix interop tests for recent regress changes.

b879870... by Colin Watson on 2019-06-09

Import patches-unapplied version 1:8.0p1-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 16757f8f36f33d6d3ff0aa7e675b6ff19e92b96d

New changelog entries:
  * New upstream release (https://www.openssh.com/txt/release-8.0, closes:
    #927792):
    - ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in
      PKCS#11 tokens (LP: #1665695).
    - ssh(1), sshd(8): Add experimental quantum-computing resistant key
      exchange method, based on a combination of Streamlined NTRU Prime
      4591^761 and X25519.
    - ssh-keygen(1): Increase the default RSA key size to 3072 bits,
      following NIST Special Publication 800-57's guidance for a 128-bit
      equivalent symmetric security level (LP: #1445625).
    - ssh(1): Allow "PKCS11Provider=none" to override later instances of the
      PKCS11Provider directive in ssh_config.
    - sshd(8): Add a log message for situations where a connection is
      dropped for attempting to run a command but a sshd_config
      ForceCommand=internal-sftp restriction is in effect.
    - ssh(1): When prompting whether to record a new host key, accept the
      key fingerprint as a synonym for "yes". This allows the user to paste
      a fingerprint obtained out of band at the prompt and have the client
      do the comparison for you.
    - ssh-keygen(1): When signing multiple certificates on a single
      command-line invocation, allow automatically incrementing the
      certificate serial number.
    - scp(1), sftp(1): Accept -J option as an alias to ProxyJump on the scp
      and sftp command-lines.
    - ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v"
      command-line flags to increase the verbosity of output; pass verbose
      flags though to subprocesses, such as ssh-pkcs11-helper started from
      ssh-agent.
    - ssh-add(1): Add a "-T" option to allowing testing whether keys in an
      agent are usable by performing a signature and a verification.
    - sftp-server(8): Add a "<email address hidden>" protocol extension that
      replicates the functionality of the existing SSH2_FXP_SETSTAT
      operation but does not follow symlinks.
    - sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request they
      do not follow symlinks.
    - sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes
      the connection 4-tuple available to PAM modules that wish to use it in
      decision-making.
    - sshd(8): Add a ssh_config "Match final" predicate. Matches in same
      pass as "Match canonical" but doesn't require hostname
      canonicalisation be enabled.
    - sftp(1): Support a prefix of '@' to suppress echo of sftp batch
      commands.
    - ssh-keygen(1): When printing certificate contents using "ssh-keygen
      -Lf /path/certificate", include the algorithm that the CA used to sign
      the cert.
    - sshd(8): Fix authentication failures when sshd_config contains
      "AuthenticationMethods any" inside a Match block that overrides a more
      restrictive default.
    - sshd(8): Avoid sending duplicate keepalives when ClientAliveCount is
      enabled.
    - sshd(8): Fix two race conditions related to SIGHUP daemon restart.
      Remnant file descriptors in recently-forked child processes could
      block the parent sshd's attempt to listen(2) to the configured
      addresses. Also, the restarting parent sshd could exit before any
      child processes that were awaiting their re-execution state had
      completed reading it, leaving them in a fallback path.
    - ssh(1): Fix stdout potentially being redirected to /dev/null when
      ProxyCommand=- was in use.
    - sshd(8): Avoid sending SIGPIPE to child processes if they attempt to
      write to stderr after their parent processes have exited.
    - ssh(1): Fix bad interaction between the ssh_config ConnectTimeout and
      ConnectionAttempts directives - connection attempts after the first
      were ignoring the requested timeout (LP: #1798049).
    - ssh-keyscan(1): Return a non-zero exit status if no keys were found
      (closes: #374980, LP: #1661745).
    - scp(1): Sanitize scp filenames to allow UTF-8 characters without
      terminal control sequences.
    - sshd(8): Fix confusion between ClientAliveInterval and time-based
      RekeyLimit that could cause connections to be incorrectly closed.
    - ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN handling at
      initial token login. The attempt to read the PIN could be skipped in
      some cases, particularly on devices with integrated PIN readers. This
      would lead to an inability to retrieve keys from these tokens.
    - ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
      CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the
      C_SignInit operation.
    - ssh(1): Improve documentation for ProxyJump/-J, clarifying that local
      configuration does not apply to jump hosts.
    - ssh-keygen(1): Clarify manual - ssh-keygen -e only writes public keys,
      not private.
    - ssh(1), sshd(8): be more strict in processing protocol banners,
      allowing \r characters only immediately before \n.
    - Various: fix a number of memory leaks.
    - scp(1), sftp(1): fix calculation of initial bandwidth limits. Account
      for bytes written before the timer starts and adjust the schedule on
      which recalculations are performed. Avoids an initial burst of
      traffic and yields more accurate bandwidth limits.
    - sshd(8): Only consider the ext-info-c extension during the initial key
      eschange. It shouldn't be sent in subsequent ones, but if it is
      present we should ignore it. This prevents sshd from sending a
      SSH_MSG_EXT_INFO for REKEX for these buggy clients.
    - ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in
      authorized_keys) and -R (remove host from authorized_keys) options may
      accept either a bare hostname or a [hostname]:port combo.
    - ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK.
    - sshd(8): Silence error messages when sshd fails to load some of the
      default host keys. Failure to load an explicitly-configured hostkey
      is still an error, and failure to load any host key is still fatal.
    - ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is
      started with ControlPersist; prevents random ProxyCommand output from
      interfering with session output.
    - ssh(1): The ssh client was keeping a redundant ssh-agent socket
      (leftover from authentication) around for the life of the connection.
    - sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
      PubkeyAcceptedKeyTypes options. If only RSA-SHA2 signature types were
      specified, then authentication would always fail for RSA keys as the
      monitor checks only the base key (not the signature algorithm) type
      against *AcceptedKeyTypes.
    - ssh(1): Request correct signature types from ssh-agent when
      certificate keys and RSA-SHA2 signatures are in use.
    - sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies the
      user environment if it's enabled (closes: #189920, #532754).
  * Mostly resynced GSSAPI key exchange patch with Fedora. Major changes:
    - Support selection of GSSAPI key exchange algorithms.
    - Support GSSAPI key exchange methods with DH and SHA2.
    - Support GSSAPI key exchange using ECDH and SHA2.
    - Make sure the Kerberos tickets are cleaned up with the user context.
    - Enable gssapi-keyex authentication without gssapi-with-mic.
    - Allow querying for GSSAPI key exchange algorithms from ssh (-Q
      kex-gss).
  * Apply upstream patch to fix the utimensat regression tests when not
    using the compatibility implementation.

16757f8... by Colin Watson on 2019-04-08

Import patches-unapplied version 1:7.9p1-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8505d87e9de6b7ca25aee09fb94e7e44774fbcca

New changelog entries:
  * Temporarily revert IPQoS defaults to pre-7.8 values until issues with
    "iptables -m tos" and VMware have been fixed (closes: #923879, #926229;
    LP: #1822370).

8505d87... by Colin Watson on 2019-03-01

Import patches-unapplied version 1:7.9p1-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 303b4f94fc255bcc5b1347ff3865af2e21418de0

New changelog entries:
  * Apply upstream patch to make scp handle shell-style brace expansions
    when checking that filenames sent by the server match what the client
    requested (closes: #923486).

303b4f9... by Colin Watson on 2019-02-28

Import patches-unapplied version 1:7.9p1-8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7dd2e8340d2033bc5e48bee7f2c34f747b02572f

New changelog entries:
  [ Colin Watson ]
  * Apply upstream patch to fix bug in HostbasedAcceptedKeyTypes and
    PubkeyAcceptedKeyTypes options in the case where only RSA-SHA2 signature
    types were specified.
  * Apply upstream patch to request RSA-SHA2 signatures for
    rsa-sha2-{256|512}-<email address hidden> cert algorithms (closes:
    #923419).
  * Move moduli(5) manual page to openssh-server to go with /etc/ssh/moduli;
    forgotten in 1:7.9p1-5.
  [ Dominik George ]
  * Correctly handle conffile move to openssh-server (closes: #919344).

7dd2e83... by Colin Watson on 2019-02-26

Import patches-unapplied version 1:7.9p1-7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b9e8c32db9b4845573d00cdbf12874fa2946b52c

New changelog entries:
  * Recommend "default-logind | logind | libpam-systemd" rather than just
    libpam-systemd (closes: #923199). (I've retained libpam-systemd as an
    alternative for a while to avoid backporting accidents, although it can
    be removed later.)
  * Pass "--exec /usr/sbin/sshd" to start-stop-daemon on stop as well as
    start and pass "--chuid 0:0" on start, to avoid problems with non-root
    groups leaking into the ownership of /run/sshd.pid (closes: #922365).

b9e8c32... by Colin Watson on 2019-02-08

Import patches-unapplied version 1:7.9p1-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7a993f6773bbf479168711bb4741cf03ef47ebb8

New changelog entries:
  * CVE-2019-6109: Apply upstream patches to sanitize scp filenames via
    snmprintf (closes: #793412).
  * CVE-2019-6111: Apply upstream patch to check in scp client that
    filenames sent during remote->local directory copies satisfy the
    wildcard specified by the user.

7a993f6... by Colin Watson on 2019-01-13

Import patches-unapplied version 1:7.9p1-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0e3e68fc18496818a71306bcc41f31e7c78e7e1d

New changelog entries:
  * Move /etc/ssh/moduli to openssh-server, since it's reasonably large and
    only used by sshd (closes: #858050).
  * Drop obsolete alternate build-dependency on libssl1.0-dev (closes:
    #917342).
  * CVE-2018-20685: Apply upstream scp patch to disallow empty incoming
    filename or ones that refer to the current directory (closes: #919101).

0e3e68f... by Colin Watson on 2018-11-16

Import patches-unapplied version 1:7.9p1-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e3c55943fd149900d80148a175d611ab60ecf553

New changelog entries:
  * Fix Ubuntu detection in debian/rules, since the documentation comment
    for dpkg_vendor_derives_from is wrong (thanks, Jeremy Bicha; see
    #913816).